TCP Port 2535
Used by a number of the Bagle / Beagle viruses as a backdoor port.
Bagle is mass-mailing email that besides using your address book, and other
information on your computer to email copies of itself too, opens a backdoor on port
allows a hacker to upload a file and execute it automatically. Bagle also
attempts to contact a number of web sites informing them of the infection. TCP port
2535 should be blocked by your firewall.
Outbound scans especially if occurring in volume should be considered an indication of a
possible infection or compromise on the source computer and should be
PortPeeker TCP Port 2535 Capture
US-CERT Current Activity
Symantec Beagle.W write up
F-Secure Bagle.Y write up
Page last updated on
May 10, 2004